Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Perimeter

1/12/2010
02:29 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Trustwave Buys BitArmor

Encryption technology to be integrated into Trustwave's endpoint security software

CHICAGO (January 12, 2010) " Trustwave, the leading provider of on-demand data security and payment card industry compliance management solutions to businesses and organizations throughout the world, has acquired BitArmor, a leading provider of data encryption solutions. The terms of the deal are confidential.

Encryption is the conversion of data into a format that cannot be understood by unauthorized parties. Encryption, along with other information security technologies such as Data Loss Prevention (DLP), Network Access Control (NAC), Intrusion Detection (IDS) and Prevention Systems (IPS), and Unified Threat Management (UTM) that are already part of Trustwave's comprehensive security suite, form the basis of an effective, multi-layered strategy to ensure the continuous protection of information.

The core of BitArmor's solution is its Smart Tag technology, which provides a simplified and more effective approach to encryption due to its focus on the protection of the data itself " not the devices to which data is saved or the networks over which the data travels. Smart Tag technology works by attaching encryption policies to each file or folder resulting in Persistent File Encryption (PFE). This ensures that the data can only be viewed by an authorized user regardless of the devices they use, such as desktops and laptops, USB drives, e-mail attachments, storage servers, file shares and tapes. In addition, BitArmor offers a Full Disk Encryption (FDE) solution to minimize the risk of data loss in the event of a misplaced or stolen mobile device such as a laptop. The Smart Tag technology is available as a hosted or non-hosted service based on the customer preferences. Trustwave will be integrating this technology into its current DLP and endpoint security technology to provide an effective solution to discover and protect sensitive data for compliance, privacy and intellectual property protection.

Gartner, Inc., one of the world's leading information technology and research companies, cited BitArmor in their research Cool Vendors in Infrastructure Protection published in 2009, which is available to Gartner clients or for purchase at http://www.gartner.com/DisplayDocument?ref=g_search&id=913415. BitArmor was also recently named as a Finalist in 2010 SC Magazine Awards for Best Encryption Solution (winners to be announced in March).

In addition to its specific relevance to Requirements 3 and 4 of the Payment Card Industry Data Security Standard (PCI DSS), new state and federal data privacy regulations are also increasing the demand for encryption. While many states have required public notification of data breaches for years, recent legislation in Nevada and Massachusetts specifically mandates encryption of personal information. The federal Health Information Technology for Economic and Clinical Health (HITECH) act, passed in 2009, stiffens penalties for Health Insurance Portability and Accountability Act (HIPAA) violations and widens its scope to include any company that processes personal information, not just healthcare organizations themselves. This includes law firms, accounting firms and records processors previously unaffected by the legislation.

"This acquisition enables us to help businesses meet evolving data security and compliance requirements as dictated by industry standards, such as the Payment Card Industry Data Security Standard, and regulations that mandate the protection of personally identifiable information," said Robert J. McCullen, chairman and CEO of Trustwave. "Integrating BitArmor's industry-leading SmartTag technology into our software enhances our endpoint security offering."

"Satisfying compliance requirements while cost-effectively establishing a forward-looking security strategy is a critical challenge for enterprises, particularly those that have not historically invested heavily in security technologies. The incorporation of BitArmor's encryption capabilities with Trustwave's endpoint and network discovery technology, managed service model and broader portfolio is aimed at addressing this acute need," said Steve Coplan, senior analyst in the Enterprise Security Practice at the 451 Group.

"As an organization trying to do as much as we can to secure data, adding BitArmor encryption to Trustwave's robust security and compliance solutions certainly makes sense," said Matthew Stewart, Director of Information Security at Robert Morris University.

"Encryption has become mission-critical technology for government and companies in every industry, and delivering it broadly as part of Trustwave's solutions will bring immediate benefits to both large and small organizations," said Patrick McGregor, CEO of BitArmor, who will remain with the company. "Our team of encryption experts is very excited about becoming part of the Trustwave team."

About Trustwave Trustwave is the leading provider of on-demand and subscription-based information security and payment card industry compliance management solutions to businesses and government entities throughout the world. For organizations faced with today's challenging data security and compliance environment, Trustwave provides a unique approach with comprehensive solutions that include its flagship TrustKeeper' compliance management software and other proprietary security solutions. Trustwave has helped thousands of organizations—ranging from Fortune 500 businesses and large financial institutions to small and medium-sized retailers—manage compliance and secure their network infrastructure, data communications and critical information assets. Trustwave is headquartered in Chicago with offices throughout North America, South America, Europe, Africa, Asia and Australia. For more information, visit https://www.trustwave.com/.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Commentary
How SolarWinds Busted Up Our Assumptions About Code Signing
Dr. Jethro Beekman, Technical Director,  3/3/2021
News
'ObliqueRAT' Now Hides Behind Images on Compromised Websites
Jai Vijayan, Contributing Writer,  3/2/2021
News
Attackers Turn Struggling Software Projects Into Trojan Horses
Robert Lemos, Contributing Writer,  2/26/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
2021 Top Enterprise IT Trends
We've identified the key trends that are poised to impact the IT landscape in 2021. Find out why they're important and how they will affect you today!
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-21360
PUBLISHED: 2021-03-09
Products.GenericSetup is a mini-framework for expressing the configured state of a Zope Site as a set of filesystem artifacts. In Products.GenericSetup before version 2.1.1 there is an information disclosure vulnerability - anonymous visitors may view log and snapshot files generated by the Generic ...
CVE-2021-21361
PUBLISHED: 2021-03-09
The `com.bmuschko:gradle-vagrant-plugin` Gradle plugin contains an information disclosure vulnerability due to the logging of the system environment variables. When this Gradle plugin is executed in public CI/CD, this can lead to sensitive credentials being exposed to malicious actors. This is fixed...
CVE-2021-24033
PUBLISHED: 2021-03-09
react-dev-utils prior to v11.0.4 exposes a function, getProcessForPort, where an input argument is concatenated into a command string to be executed. This function is typically used from react-scripts (in Create React App projects), where the usage is safe. Only when this function is manually invoke...
CVE-2021-21510
PUBLISHED: 2021-03-08
Dell iDRAC8 versions prior to 2.75.100.75 contain a host header injection vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by injecting arbitrary ‘Host’ header values to poison a web-cache or trigger redirections.
CVE-2020-27575
PUBLISHED: 2021-03-08
Maxum Rumpus 8.2.13 and 8.2.14 is affected by a command injection vulnerability. The web administration contains functionality in which administrators are able to manage users. The edit users form contains a parameter vulnerable to command injection due to insufficient validation.